Are Cloud Solutions Secure Enough Out-of-the-box?

Are Cloud Solutions Secure Enough Out-of-the-box?

Out-of-the-box Cloud Solutions

Although people may argue that data is not safe in the Cloud because using cloud infrastructure requires trusting another party to look after mission critical data, cloud services actually are more secure than legacy systems. In fact, a recent study on the state of cloud security in the enterprise market revealed that 64 percent of medium and large businesses believe cloud infrastructure is more secure than legacy systems.

What factors contribute to positive and negative impressions of cloud security? What should businesses do to protect their data better?

Fear of the Cloud Arises From Media and Lack of Knowledge

threat-cybersecurity

You cannot blame people for being worried about cloud security. Everyone remembers the Target and Home Depot breaches, which compromised tens of millions of customer credit card information, as well as the Apple iCloud hack that leaked private celebrity photos to the public. These incidents caused many major news outlets to question cloud security. However, the media forgot to mention that these three high-profile attacks did not have much to do with cloud computing.

Target allowed a third-party to access its network, and then hackers got ahold of that third party’s log in credentials. Home Depot was attacked in much the same way, with hackers stealing a vendor’s login, accessing the network, and then using custom malware to get around the company’s antivirus software.

Even large businesses have mixed feelings about security in the cloud, naming it both the number one benefit and most frequently encountered challenge.

Many recent data breaches have been reported incorrectly. … In most cases, it is human error, and the Cloud cannot protect you from that.” – Jason Reichl, CEO, Go Nimbly

Impressions of Cloud Security Remain Resilient

Despite these events, this year, 90 percent of enterprises plan to increase or maintain their annual spending on cloud computing. If cloud infrastructure were such a risk, businesses would not be investing in the platform at such high rates.

david-linthicumDavid Linthicum, Senior Vice President of Cloud Technology Partners, says to think about cloud security systems like this: is your money safer stuffed in a mattress at home where you have control of it or with your local bank? A bank, obviously, is better positioned to protect your money because they have a vault and security cameras and are insured. Likewise, a cloud service provider (CSP) is better positioned to protect your data because they invest in 24-7 monitoring, the best cyber security tools, and physical barriers, such as video surveillance and biometric scanning.

Unfortunately, cloud infrastructure security on its own, out-of-the-box, is not enough to safeguard your business’ crucial data.

Steps to Ensure Data Security in the Cloud

What steps should businesses take to ensure data security, when using cloud infrastructure?

Migrating to the cloud starts with selecting a CSP that fits your business’ needs. It is important to recognize that not all CSPs are equal.

In 2013, former Editor in Chief of Yahoo Tech Dan Tynan detailed his experience with Box. In particular, he talked about how all his Box files once disappeared for six months. Specifically, his login didn’t work and the company could not locate the account associated with his email. This means Tynan’s data was missing for half a year, which raises concerns about stolen information. Who had access to his data?

National Security Agency (NSA) whistleblower Edward Snowden also warned against relying on the security features of another popular cloud service, Dropbox.

TheCloudConclusion

Dropbox? Get rid of Dropbox. It doesn’t support encryption. It doesn’t protect your private files. Use competitors, like SpiderOak, that do the same exact service, but they protect the content of what you’re sharing,” Snowden said in a 2014 interview with the New Yorker.

Indeed, it is true: some CSPs are more secure than others. For example, the difference between Dropbox and SpiderOak is that Dropbox, as well as many other major CSPs, encrypts data on its own servers but does not encrypt data locally, leaving it vulnerable to attacks. Conversely, SpiderOak encrypts data on both your local servers and their personal servers, reducing the opportunity for a security breach.

Regardless of the CSP your business uses, additional local security measures, such as data encryption, improved identity access policies, and regular audits, will minimize the possibility of a costly cyber attack.

By Sarah Patrick

About Sarah Patrick

Sarah is an analyst at Clutch. As a member of the marketing team, she conducts research that aims to help consumers select agencies and firms and use IT services and software that enhance their business. Clutch is a Washington, DC-based research, reviews, and ratings platform for B2B. It identifies leading software and professional services firms that deliver results for their clients.

View All Articles

Sorry, comments are closed for this post.

Comics
The Key To Improving Business Lies In Eye-Interaction Tech

The Key To Improving Business Lies In Eye-Interaction Tech

Eye-Interaction Technology Analysts at Goldman Sachs predict virtual reality revenue will surpass TV within the next decade. More than just some gaming fad, VR represents a whole new way for organizations to train, research, and explore vast amounts of data. Despite its popularity, however, VR is still not in the hands of the majority, and…

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud Cloud computing is more than just another storage tier. Imagine if you’re able to scale up 10x just to handle seasonal volumes or rely on a true disaster-recovery solution without upfront capital. Although the pay-as-you-go pricing model of cloud computing makes it a noticeable expense, it’s the only solution for many…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah…the sweet smell of Virtual Immersion Success! Virtual Immersion© (VI) an extension/expansion of Virtual Reality to include the senses beyond visual and auditory. Years ago there was a television commercial for a bathing product called Calgon. The tagline of the commercial was Calgon…

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…

Three Challenges of Network Deployment in Hyperconverged Infrastructure for Private Cloud

Three Challenges of Network Deployment in Hyperconverged Infrastructure for Private Cloud

Hyperconverged Infrastructure In this article, we’ll explore three challenges that are associated with network deployment in a hyperconverged private cloud environment, and then we’ll consider several methods to overcome those challenges. The Main Challenge: Bring Your Own (Physical) Network Some of the main challenges of deploying a hyperconverged infrastructure software solution in a data center are the diverse physical…

Four Recurring Revenue Imperatives

Four Recurring Revenue Imperatives

Revenue Imperatives “Follow the money” is always a good piece of advice, but in today’s recurring revenue-driven market, “follow the customer” may be more powerful. Two recurring revenue imperatives highlight the importance of responding to, and cherishing customer interactions. Technology and competitive advantage influence the final two. If you’re part of the movement towards recurring…

The Future Of Cloud Storage And Sharing…

The Future Of Cloud Storage And Sharing…

Box.net, Amazon Cloud Drive The online (or cloud) storage business has always been a really interesting industry. When we started Box in 2005, it was a somewhat untouchable category of technology, perceived to be a commodity service with low margins and little consumer willingness to pay. All three of these factors remain today, but with…